Data Security at Pardot

Keeping our clients' information safe is our top priority, so we take our security precautions seriously. This article lists links to pages and posts that provide more insight into our security measures. For more, see Pardot's Trust and Compliance documentation.
Pardot's application security includes:

Strong Passwords: Passwords must consist of a combination of upper case, lower case, numbers and special characters.

Password Expiration: Passwords can be set to expire every 90 days.

IP Location-Based Login Protection: You can require users with a valid user ID and password to activate their location by clicking an activation link in a system-generated email from Pardot. See our IP Location Activation article for more information.

IP Whitelisting: If you enable IP Security and set it to Restricted, only users from whitelisted IP addresses will be able to access the account. For whitelisting management instructions, click here.

Single Sign On with Salesforce: Single Sign on (SSO) with your Salesforce CRM instance helps you effectively manage user access to resources, and lets you to take advantage of the additional controls that Salesforce has provided for SSO, such as SAML integration. Please note that SSO is only available to current Salesforce CRM users. See this article for more on SSO.